Focus Mode
Info Data Leak

Hackers reportedly compromise Argentina’s airport security payroll system

RecordedFuture

Summary: Argentina’s airport security police (PSA) experienced a cyberattack that compromised personal and financial data, leading to unauthorized deductions from employees’ salaries. The breach is believed to have exploited a vulnerability in Banco Nación’s systems, raising concerns about internal accomplices and the motivations behind the attack.

Threat Actor: Unknown | unknown threat actor
Victim: PSA (Argentina’s airport security police) | Argentina’s airport security police

Key Point :

  • Unauthorized deductions from employee salaries ranged from 2,000 to 5,000 pesos ($100 to $245).
  • The breach was linked to a vulnerability in Banco Nación, which processes PSA’s payroll.
  • PSA has initiated an internal cybersecurity awareness campaign and blocked some services in response.
  • Previous cyber incidents in Argentina include breaches of e-government platforms and a ransomware attack on Telecom Argentina.

Argentina’s airport security police (PSA) have fallen victim to a cyberattack that reportedly compromised the personal and financial data of its officers and civilian personnel.

The unknown threat actor gained access to PSA’s payroll records and deducted small amounts of money from employees’ salaries, local media reported on Monday, citing sources at the agency. The hackers listed these fraudulent deductions — ranging from 2,000 to 5,000 pesos ($100 to $245) — under false labels, such as “DD mayor” and “DD seguros.”

According to the reports, the cybercriminals gained access to PSA records through a vulnerability in the systems of Banco Nación, the bank that processes the agency’s payroll. The operation could have been carried out either from abroad or from within Argentina, potentially with internal accomplices, local media said.

Neither Argentina’s airport security forces nor Banco Nación have commented on these claims or publicly acknowledged the breach.

In response to the attack, the PSA blocked some of its services and launched an internal cybersecurity awareness campaign. It’s not yet clear whether the attack was financially or politically motivated and the amount of stolen funds.

In December, unknown hackers breached two of Argentina’s e-government platforms, exposing the personal information of millions of citizens. The Mi Argentina app, which allows users to manage digital IDs and legal documentation, and the SUBE app, used for public transport card management, both faced disruptions following the attack. Local cyber authorities attributed the incident to a threat actor using the pseudonym “h4xx0r1337” but haven’t revealed any other details.

In July, Telecom Argentina reported being targeted by a ransomware attack after hackers encrypted up to 18,000 workstations using stolen admin credentials. In April, the hackers claimed to have obtained access to a database at the Central Bank of Argentina, containing the names and ID numbers of its customers.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

Source: https://therecord.media/hackers-target-airport-security-payroll

Tags: CLOUD, VULNERABILITY, GOVERNMENT, BANK, FINANCIAL, LEARN